v3.6.0

Changelog for reva 3.6.0 (2026-02-20)

The following sections list the changes in reva 3.6.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #5451: Handle special characters in file names correctly
• Fix #5511: Quota should be retrieved in monitoring key=value format
• Enh #5481: Add support for reva-cli tests on EOS
• Enh #5475: Support project-trashbins in EOS
• Enh #5472: Use uid instead of username of eos remote-user
• Enh #5474: Update EOS gRPC bindings
• Enh #5513: Refactor EOS driver / FS for Reva
• Enh #5503: Cephmount add root dir config option

Details

• Bugfix #5451: Handle special characters in file names correctly

  • Fixed PROPFIND response when listing a folder named with special charactrers

  #5451

• Bugfix #5511: Quota should be retrieved in monitoring key=value format

  The quota command now uses the -m flag to retrieve quota information in monitoring key=value
  format, ensuring consistent and parseable output.

  #5511

• Enhancement #5481: Add support for reva-cli tests on EOS

  #5481

• Enhancement #5475: Support project-trashbins in EOS

  #5475

• Enhancement #5472: Use uid instead of username of eos remote-user

  This brings back the functionality to download versions of files in a project space

  #5472

• Enhancement #5474: Update EOS gRPC bindings

  This supports the new trashbin, based on a "recycle id" for projects

  #5474

• Enhancement #5513: Refactor EOS driver / FS for Reva

  This also includes writing a README for the driver

  #5513

• Enhancement #5503: Cephmount add root dir config option

  • The root_dir config option is there to append a path on the current path that should be
    mounted by reva

  #5503

v3.5.1-1

Changelog for reva 3.5.1 (2026-02-12)

The following sections list the changes in reva 3.5.1 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #5482: Return 403 instead of 500 on no permissions
• Fix #5473: Do not require db_engine to be set
• Fix #5496: GetNsMatch in eosfs should return a cleaned path
• Fix #5490: Do not do getQuota as project owner for ownerless projects
• Fix #5492: Set proper service account context for project GetQuota
• Fix #5491: Do not clean namespace path
• Enh #5466: Clean up DAV PUT
• Enh #5470: Add indexes to share db for fields that may be queried
• Enh #5452: OCM Embedded shares
• Enh #5471: Extend integration tests using Reva CLI
• Enh #5476: OCM: support access_types and drop datatx protocol
• Enh #5489: Add processing endpoint for an embedded share
• Enh #5484: Remove share first from EOS, then db
• Enh #5462: Integration tests using Reva CLI

Details

• Bugfix #5482: Return 403 instead of 500 on no permissions

  #5482

• Bugfix #5473: Do not require db_engine to be set

  #5473

• Bugfix #5496: GetNsMatch in eosfs should return a cleaned path

  #5496

• Bugfix #5490: Do not do getQuota as project owner for ownerless projects

  #5490

• Bugfix #5492: Set proper service account context for project GetQuota

  #5492

• Bugfix #5491: Do not clean namespace path

  There was a bug in Reva that caused the namespace path to be cleaned. This is wrong: this path
  should end in a / so that EOS trashbin paths do not match for projects (e.g.
  /eos/project-i00 should not be prefixed by /eos/project/).

  This bug caused deleted entries to still show up in the favorites list

  #5491

• Enhancement #5466: Clean up DAV PUT

  • Fixed a "bug" where a variable was overwritten (though this had no impact) * Cleaned up a method
  • Removed unused function

  #5466

• Enhancement #5470: Add indexes to share db for fields that may be queried

  In a previous change, some indexes for fields that are queried had been replaced by a composite
  index, which cannot be used for certain queries that we do. So, this PR brings back the
  non-composite indexes.

  #5470

• Enhancement #5452: OCM Embedded shares

  This PR introduces OCM embedded shares

  • Adds functionality to store embedded shares (where the shared data is embedded in the OCM
    share payload) * Adds filters to ListReceivedOCMShares call and adapts to the new fields
    SharedResourceType and RecipientType * Adds an endpoint to list embedded shares (using
    the previously mentioned filters)

  #5452

• Enhancement #5471: Extend integration tests using Reva CLI

  This PR extends the Reva CLI test suite by including tests for recycle bin, versions and grant
  operations

  #5471

• Enhancement #5476: OCM: support access_types and drop datatx protocol

  This PR adapts the OCM implementation to v1.3. No new capabilities have been added yet.

  #5476

• Enhancement #5489: Add processing endpoint for an embedded share

  • For now this only changes the state to accepted (or pending if you want to "unprocess" the
    share) - Eventually we want the downloaded content to arrive in the target folder, the target is
    just logged for now.

  #5489

• Enhancement #5484: Remove share first from EOS, then db

  When removing shares, remove permissions from storage before going to db, so that there can be
  no lingering permissions on EOS

  #5484

• Enhancement #5462: Integration tests using Reva CLI

  This PR introduces a proof-of-concept for integration tests based on the reva CLI. The goal is
  to extend these tests, so that they can be used by EOS to check if their changes break our
  workflow.

  #5462

v3.5.1

Changelog for reva 3.5.1 (2026-02-12)

The following sections list the changes in reva 3.5.1 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #5482: Return 403 instead of 500 on no permissions
• Fix #5473: Do not require db_engine to be set
• Fix #5496: GetNsMatch in eosfs should return a cleaned path
• Fix #5490: Do not do getQuota as project owner for ownerless projects
• Fix #5492: Set proper service account context for project GetQuota
• Fix #5491: Do not clean namespace path
• Enh #5466: Clean up DAV PUT
• Enh #5470: Add indexes to share db for fields that may be queried
• Enh #5452: OCM Embedded shares
• Enh #5471: Extend integration tests using Reva CLI
• Enh #5476: OCM: support access_types and drop datatx protocol
• Enh #5489: Add processing endpoint for an embedded share
• Enh #5484: Remove share first from EOS, then db
• Enh #5462: Integration tests using Reva CLI

Details

• Bugfix #5482: Return 403 instead of 500 on no permissions

  #5482

• Bugfix #5473: Do not require db_engine to be set

  #5473

• Bugfix #5496: GetNsMatch in eosfs should return a cleaned path

  #5496

• Bugfix #5490: Do not do getQuota as project owner for ownerless projects

  #5490

• Bugfix #5492: Set proper service account context for project GetQuota

  #5492

• Bugfix #5491: Do not clean namespace path

  There was a bug in Reva that caused the namespace path to be cleaned. This is wrong: this path
  should end in a / so that EOS trashbin paths do not match for projects (e.g.
  /eos/project-i00 should not be prefixed by /eos/project/).

  This bug caused deleted entries to still show up in the favorites list

  #5491

• Enhancement #5466: Clean up DAV PUT

  • Fixed a "bug" where a variable was overwritten (though this had no impact) * Cleaned up a method
  • Removed unused function

  #5466

• Enhancement #5470: Add indexes to share db for fields that may be queried

  In a previous change, some indexes for fields that are queried had been replaced by a composite
  index, which cannot be used for certain queries that we do. So, this PR brings back the
  non-composite indexes.

  #5470

• Enhancement #5452: OCM Embedded shares

  This PR introduces OCM embedded shares

  • Adds functionality to store embedded shares (where the shared data is embedded in the OCM
    share payload) * Adds filters to ListReceivedOCMShares call and adapts to the new fields
    SharedResourceType and RecipientType * Adds an endpoint to list embedded shares (using
    the previously mentioned filters)

  #5452

• Enhancement #5471: Extend integration tests using Reva CLI

  This PR extends the Reva CLI test suite by including tests for recycle bin, versions and grant
  operations

  #5471

• Enhancement #5476: OCM: support access_types and drop datatx protocol

  This PR adapts the OCM implementation to v1.3. No new capabilities have been added yet.

  #5476

• Enhancement #5489: Add processing endpoint for an embedded share

  • For now this only changes the state to accepted (or pending if you want to "unprocess" the
    share) - Eventually we want the downloaded content to arrive in the target folder, the target is
    just logged for now.

  #5489

• Enhancement #5484: Remove share first from EOS, then db

  When removing shares, remove permissions from storage before going to db, so that there can be
  no lingering permissions on EOS

  #5484

• Enhancement #5462: Integration tests using Reva CLI

  This PR introduces a proof-of-concept for integration tests based on the reva CLI. The goal is
  to extend these tests, so that they can be used by EOS to check if their changes break our
  workflow.

  #5462

v3.5.0

Changelog for reva 3.5.0 (2026-01-09)

The following sections list the changes in reva 3.5.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #5449: Fix database sharedconfig parsing
• Fix #5464: Make MOVE work in public link
• Fix #5446: Make notify_uploads_extra_recipients work in libregraph
• Fix #5463: Fix permission editing for public links
• Fix #5404: Fix localhome virtual namespace path handling for spaces
• Enh #5429: Cephmount: supports setting posix acls
• Enh #5433: Make chunking_parallel_upload_disabled configurable
• Enh #5450: Clean up ListWithRegex log
• Enh #5447: Make notification trigger always use items
• Enh #5445: Support funcs in templates
• Enh #5402: Refactoring of the GORM model for shares
• Enh #5428: Refactor permissions

Details

• Bugfix #5449: Fix database sharedconfig parsing

  #5449

• Bugfix #5464: Make MOVE work in public link

  #5464

• Bugfix #5446: Make notify_uploads_extra_recipients work in libregraph

  #5446

• Bugfix #5463: Fix permission editing for public links

  A bug was introduced during the refactoring of the permission system
  (#5428). This has now been fixed.

  #5463

• Bugfix #5404: Fix localhome virtual namespace path handling for spaces

  Added optional VirtualHomeTemplate config to localfs driver, enabling localhome to
  correctly handle paths when exposing user homes through a virtual namespace (e.g.,
  /home/) while storing files in a flat per-user layout on disk.

  The wrap() function uses a clean switch statement with named predicates to handle five path
  transformation patterns:

  • Exact match: /home/einstein -> / - Full path: /home/einstein/file -> /file - Parent path:
    /home -> / (when virtual home is /home/einstein) - Gateway-stripped parent: /home/file ->
    /file (gateway omits username) - Gateway-stripped username: /einstein/file -> /file
    (WebDAV "home" alias)

  The last two cases handle gateway routing edge cases where prefixes are stripped differently
  depending on whether the WebDAV layer uses space IDs or the "home" alias for URL construction.

  The normalize() function adds the virtual home prefix only to the Path field of ResourceInfo
  (e.g., /file -> /home/einstein/file), enabling PathToSpaceID() to derive the correct space
  identifier. The OpaqueId field remains storage-relative (e.g., fileid-einstein%2Ffile)
  to ensure resource IDs can be properly decoded.

  The localhome wrapper now correctly passes VirtualHomeTemplate through to localfs.

  When VirtualHomeTemplate is empty (default), behavior is unchanged, ensuring backward
  compatibility with EOS and existing deployments.

  #5404

• Enhancement #5429: Cephmount: supports setting posix acls

  #5429

• Enhancement #5433: Make chunking_parallel_upload_disabled configurable

  #5433

• Enhancement #5450: Clean up ListWithRegex log

  #5450

• Enhancement #5447: Make notification trigger always use items

  #5447

• Enhancement #5445: Support funcs in templates

  #5445

• Enhancement #5402: Refactoring of the GORM model for shares

  With this PR we introduce new constraints and rename some fields for better consistency:

  • Types used by OCM structures only are prefixed with Ocm, and AccessMethod and Protocol
    were consolidated into OcmProtocol * ItemType is used in OCM shares as well * The
    (FileIdPrefix, ItemSource) tuple is now (Instance, Inode) in OcmShare, and it was
    removed from OcmReceivedShare as unused * Unique index constraints have been created for
    regular Shares and for OcmShares on (instance, inode, shareWith, deletedAt) * The
    unique indexes have been renamed with a u_ prefix for consistency: this affected
    u_shareid_user, u_link_token. The i_share_with was dropped as redundant. * Alias
    and Hidden were added in OcmReceivedShare

  #5402

• Enhancement #5428: Refactor permissions

  Permissions are now, at least partially, handled and exposed within a single package (which
  was important for cernboxcop), with conversions between the different types of permissions

  #5428

v3.4.2

Changelog for reva 3.4.2 (2025-12-17)

The following sections list the changes in reva 3.4.2 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #5444: Allow lightweight accounts to use external apps
• Enh #5442: Refactor emailhandler

Details

• Bugfix #5444: Allow lightweight accounts to use external apps

  For that, we need to explicitly allow all relevant storage provider requests when checking the
  lw scope.

  #5444

• Enhancement #5442: Refactor emailhandler

  The email handler now supports reading CID files and embedding them.

  #5442

v3.4.1

Changelog for reva 3.4.1 (2025-12-16)

The following sections list the changes in reva 3.4.1 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #5443: Make PROPFIND on files proper

Details

• Bugfix #5443: Make PROPFIND on files proper

  #5443

v3.4.0

Changelog for reva 3.4.0 (2025-12-12)

The following sections list the changes in reva 3.4.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #5425: Make public file PROPFIND response proper again
• Fix #5421: Eosfs: SetLock now checks existing locks
• Fix #5424: Make href properly formed on PROPFIND requests to /v endpoints
• Fix #5418: Fix inverted expiry check in JSON invite repository
• Fix #5412: Nilpointer in logline when addGrant fails
• Fix #5415: Set correct user type when accepting OCM invites
• Fix #5422: Do not give delete permission to root of public links
• Fix #5409: Bring back proper DAV support
• Fix #5430: Fix trashbin restores
• Fix #5427: Fix upload notifications
• Fix #5423: Make href proper in REPORT
• Enh #5385: Add OCM Where Are You From capability
• Enh #5403: Add Acess-Control-Expose-Headers for Range requests
• Enh #5323: Add database config to sharedconf
• Enh #5432: Add support for embedded view mode in apps
• Enh #5408: Modernize codebase
• Enh #5407: Add musl-based fully static build target
• Enh #5401: Adapt gateway and corresponding driver to CS3API changes
• Enh #5363: Include OCM shares in SharedByMe view
• Enh #5285: Remove EOS EnableHome parameter
• Enh #5405: Add support for signed URLs
• Enh #5381: Convert SQL tables to gorm, corresponding driver, and tests

Details

• Bugfix #5425: Make public file PROPFIND response proper again

  #5425

• Bugfix #5421: Eosfs: SetLock now checks existing locks

  #5421

• Bugfix #5424: Make href properly formed on PROPFIND requests to /v endpoints

  #5424

• Bugfix #5418: Fix inverted expiry check in JSON invite repository

  The tokenIsExpired function in the JSON invite repository had the comparison operator
  inverted, causing valid (non-expired) tokens to be incorrectly filtered out when listing
  invite tokens.

  The check token.Expiration.Seconds > Now() was returning true for tokens expiring in the
  future, effectively hiding all valid tokens. Fixed to use < instead of >.

  #5418

• Bugfix #5412: Nilpointer in logline when addGrant fails

  Fix for #5387

  #5412

• Bugfix #5415: Set correct user type when accepting OCM invites

  When a remote user accepts an OCM invite, they were being stored with USER_TYPE_PRIMARY
  instead of USER_TYPE_FEDERATED. This caused federated user searches to fail and OCM share
  creation to break because the user ID was not properly formatted with the @Domain suffix
  required for OCM address resolution.

  #5415

• Bugfix #5422: Do not give delete permission to root of public links

  Otherwise, a folder shared through a public link could itself be deleted

  #5422

• Bugfix #5409: Bring back proper DAV support

  Spaces broke proper DAV support, because returned hrefs in the PROPFIND always contained
  space IDs, even if these were not present in the incoming request. This is fixed now, by writing
  the href based in the incoming URL

  #5409

• Bugfix #5430: Fix trashbin restores

  #5430

• Bugfix #5427: Fix upload notifications

  The registration of notifications for uploads in a public link folder was until now only
  handled in the OCS HTTP layer; this is the responsibility of the public share provider. Since it
  was also missing from the OCGraph layer, this has been moved to the "gRPC" part of reva

  #5427

• Bugfix #5423: Make href proper in REPORT

  Github.com//pull/5409 broke REPORT calls, which are used for favorites. This is
  now fixed

  #5423

• Enhancement #5385: Add OCM Where Are You From capability

  Implements WAYF specific discovery endpoints for the ScienceMesh package, enabling dynamic
  OCM provider discovery and federation management.

  #5385

• Enhancement #5403: Add Acess-Control-Expose-Headers for Range requests

  We add the necessary headers for multipart range requests to Acess-Control-Expose-Headers
  to expose these, so that clients can read them

  #5403

• Enhancement #5323: Add database config to sharedconf

  Add database configuration to sharedconf, so that it doesn't have to be repeated for every
  driver

  #5323

• Enhancement #5432: Add support for embedded view mode in apps

  #5432

• Enhancement #5408: Modernize codebase

  This PR
  modernizes
  the codebase: it removes syntax that used to be idiomatic but now has better alternatives

  #5408

• Enhancement #5407: Add musl-based fully static build target

  Added a new revad-static-musl Makefile target that produces a fully statically linked
  binary using musl libc instead of glibc. This eliminates the linker warnings that appeared
  with the standard static build and creates a truly portable binary that runs on any Linux
  distribution without requiring matching glibc versions.

  Also fixed the build info injection by correcting the package path in BUILD_FLAGS to include
  the /v3 module version, ensuring version, commit, and build date information are properly
  displayed in the binary.

  #5407

• Enhancement #5401: Adapt gateway and corresponding driver to CS3API changes

  The OCM Core API has been renamed to OCM Incoming API

  #5401

• Enhancement #5363: Include OCM shares in SharedByMe view

  • The CS3APis verison has been updated to include "ListExistingOcmShares". - The OCM shares
    are now included in the getSharedByMe call. - The filters have been updated to adapt to changes
    from the updated CS3APIs. - Fixed bug where only ocm users were queried if it was enabled. -
    Consolidated OCM Address resolutions in a single function, fixes #5383

  #5363

• Enhancement #5285: Remove EOS EnableHome parameter

  This change removes the EnableHome parameter, which was a source of bugs and was unused in
  production.

  #5285

• Enhancement #5405: Add support for signed URLs

  #5405

• Enhancement #5381: Convert SQL tables to gorm, corresponding driver, and tests

  • Conversion of the SQL tables to a GORM model, IDs are unique across public links, normal
    shares, and OCM shares. - Some refactoring of the OCM tables (protocols and access methods) -
    Corresponding SQL driver for access has been implemented using GORM - Tests with basic
    coverage have been implemented.

  #5381

v3.3.3

Changelog for reva 3.3.3 (2025-11-07)

The following sections list the changes in reva 3.3.3 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #5393: Correct content-length when downloading versions
• Fix #5380: Nilpointer in getPermissionsByCs3Reference
• Fix #5388: Error code not checked correctly in eosclient
• Fix #5392: Fixed permissions for upload-only links
• Enh #5394: Fixed some logging going to stderr

Details

• Bugfix #5393: Correct content-length when downloading versions

  This fix corrects a bug introduced with the implementation of range requests, in
  #5367, where the content-length header was not
  populated correctly when downloading versions of a file, resulting in 0b.

  #5393

• Bugfix #5380: Nilpointer in getPermissionsByCs3Reference

  Fix for potential nilpointer: when an err is returned, the status can be nil

  #5380

• Bugfix #5388: Error code not checked correctly in eosclient

  Eosclient was returning an error when it actually succeeded

  #5388

• Bugfix #5392: Fixed permissions for upload-only links

  Pending a proper refactoring of the permissions model, this PR fixes the bug unveiled after
  merging #5364. Cf. also Jira CERNBOX-4127.

  #5392

• Enhancement #5394: Fixed some logging going to stderr

  #5394

v3.3.2

Changelog for reva 3.3.1 (2025-10-21)

The following sections list the changes in reva 3.3.1 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #5376: Deny access shares should not be returned in SharedWithMe call
• Fix #5375: Fix parsing of OCM Address in case of more than one "@" present

Details

• Bugfix #5376: Deny access shares should not be returned in SharedWithMe call

  • SharedWithMe no longer returns deny access shares

  #5376

• Bugfix #5375: Fix parsing of OCM Address in case of more than one "@" present

  I've fixed the behavior for parsing a long-standing annoyance for users who had OCM Address
  like "mahdi-baghbani@it-department@azadehafzar.io".

  #5375

v3.3.1

Changelog for reva 3.3.1 (2025-10-21)

The following sections list the changes in reva 3.3.1 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #5376: Deny access shares should not be returned in SharedWithMe call
• Fix #5375: Fix parsing of OCM Address in case of more than one "@" present

Details

• Bugfix #5376: Deny access shares should not be returned in SharedWithMe call

  • SharedWithMe no longer returns deny access shares

  #5376

• Bugfix #5375: Fix parsing of OCM Address in case of more than one "@" present

  I've fixed the behavior for parsing a long-standing annoyance for users who had OCM Address
  like "mahdi-baghbani@it-department@azadehafzar.io".

  #5375